PT-2021-16667 · Mediatek · Mediatek Rrc Protocol Stack

Published

2021-10-06

Updated

2022-04-01

CVE-2021-25477

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Mediatek RRC Protocol stack versions prior to SMR Oct-2021 Release 1

Description: The issue is related to improper error handling in the Mediatek RRC Protocol stack, which can cause a modem crash and allow for remote denial of service.

Recommendations: For versions prior to SMR Oct-2021 Release 1, update to SMR Oct-2021 Release 1 or later to resolve the issue.

Fix

Double Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415

Related Identifiers

ASB-A-220262213

CVE-2021-25477

M-MOLY00684727

Affected Products

Mediatek Rrc Protocol Stack

PT-2021-16667 · Mediatek · Mediatek Rrc Protocol Stack

CVE-2021-25477

Weakness Enumeration

Related Identifiers

Affected Products

References · 7